0

I would like to know if the connection in my office is filtered, because i cannot access Faceboook neither Youtube but i can access google with no problems, but Tor i can access all the websites.

i would like to know some details about the filtering software used in my office network. is there any type if filtering that cannot be bypassed even with Tor ?

geogeek
  • 113
  • 1
  • 5
  • "i would like to know some details about the filtering software used in my office network." - ask your system administrator at lunch one day. Also keep in mind that subverting your office's firewall is likely grounds for termination. – Gray Apr 23 '14 at 12:42

2 Answers2

2

Standard disclaimers apply, however user Lighty is correct in that it's a proxy server.

Proxies operate by filtering websites by URL, IP, content, or category. Websites like Facebook, Twitter, and LinkedIn are categorized as "Social Networks" and your company sounds like it blocks access to them. Youtube, Hulu, and Netflix are all probably categorized as "Streaming Video" and is also probably blocked. You will probably also find that porn sites and websites against company policy (weapons, online shopping, gruesome content) are also blocked. Your sysadmin will also be able to block certain websites based on IP or domain name, which could be done if he specifically does not want you to visit Facebook or Twitter, but will allow LinkedIn. You can see if you are behind a proxy by comparing your own system IP address with that of a looking-glass server like http://whatismyip.com

Proxy servers are enforced to endpoints in different ways, such as:

  • WCCP redirection
  • Proxy.PAC files (most common)
  • WPAD.DAT via DHCP
  • Local software client

Often, firewalls and proxy servers work closely together to maintain a good security posture. If a firewall blocks egress traffic from any other an IP address than the proxy server, circumventing is not possible. If this is the case, then encrypting your traffic, which is what you're doing with TOR, may work. Even encryption is not a surefire way to get out if the proxy server is using SSL decryption (which some do).

It goes without being said that circumventing corporate security measures has consequences, but it likely can be done given the firewalls permit. Try the following in order of ease:

  1. Use another browser such as Firefox or Chrome (be sure it doesn't use the proxy [see #3])
  2. Visit a site by IP instead of hostname (Ex. One of Facebook's servers is 173.252.110.27)
  3. Uncheck the proxy.pac file or "automatic configuration script" as it's labeled in Window's Internet Options

In IE:

Go to Settings > Internet Options > Connections Tab > LAN Settings > Uncheck all boxes

In Firefox:

Go to Tools > Options > Advanced > Network > Settings... > Check "No Proxy"

When circumvention doesn't work, you can try to encrypt your traffic. Encryption is what you're doing with the TOR network, and sounds like you're having success with it. This is how the encryption is working:

  1. The TOR client on your workstation encrypts your traffic and sends it into the TOR cloud of systems
  2. The proxy server intercepts your request and will fetch the information for you
  3. The proxy queries the TOR cloud to get the data on your behalf
  4. Your request is routed through a series of nodes in the TOR cloud and reaches the destination server
  5. The server responds with the data you seek and it works its way through the TOR cloud and back to your proxy server
  6. The proxy server forwards the data to you, but because the data is encrypted and your proxy server doesn't have a way to decrypt it (unless it has SSL decryption enforced) it cannot look at or filter your data
  7. You receive the data on your workstation

TOR Note: Because of the large number of hops needed to retrieve every little bit and byte of data, encryption and routing through the TOR cloud can add detrimental amounts of latency and/or could cause the connection to be extremely slow.

If encryption doesn't work, it's likely because your proxy is enforcing SSL decryption with a decrypt or drop rule. At this point, you're best off using your phone to cruise Facebook at the like.

PTW-105
  • 1,377
  • 9
  • 7
  • "You can see if you are behind a proxy by comparing your own system IP address with that of a looking-glass server like http://whatismyip.com". If you're still using IPv4, your router is almost certainly using NAT which will show your public IP address on whatismyip instead of your private IP address. – Kevin Johnson Sep 04 '17 at 03:25
0

its called a Proxy, your office propably filters your connection.

with Tor, you connect to the Tor server, and via there, loop around to the website, i think.

thats why, a proxy can act as a filter.

EDIT: the sort of filetering that cannot be byassed, if that when Tor's path/port gets blocked off by the Proxy, or the firewall, but most offices only block certain domains, not ports/adresses for applications

Lighty
  • 2,368
  • 1
  • 23
  • 36